Updated on 2025-08-05 GMT+08:00
Protective Action
Description
The protective action you specify here is only used for this rule.
- Verification code: WAF allows requests that trigger the rule as long as your website visitors complete the required verification.
The cloud load balancer access mode does not support this protective action.
- Block: WAF blocks requests that trigger Rate Limit set in the rule.
- Block dynamically: WAF blocks requests that trigger the rule based on Allowable Frequency, which you configure after the first rate limit period is over.
- Log only: WAF only logs requests that trigger Rate Limit set in the rule.
- JS Challenge: WAF returns a piece of JavaScript code that can be automatically executed by a normal browser to the client. If the client properly executes the JavaScript code, WAF allows all requests from the client within a period of time (30 minutes by default). During this period, no verification is required. If the client fails to execute the code, WAF blocks the requests.
- The cloud load balancer access mode does not support this protective action.
- If the referer in the request is different from the current host, the JS challenge does not work.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
